/**
 * ===========================================
 * Project: cy-qbadmin
 * ===========================================
 * Package: com.cyou.qb.admin.util
 * 
 * Copyright (c) 2012, CYOU All Rights Reserved.
 * ===========================================
 */
package com.cyou.qb.admin.filiter;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.filter.OncePerRequestFilter;

import com.cyou.qb.common.domain.QiangbaAdmin;
import com.cyou.qb.constants.Constants;

/**
 * <p>LoginAuthorityFiliter</p>
 * <p>
 * Description:登陆权限过滤器
 * </p>
 *
 * @author lidongwei
 * @version 
 * @since 2012-9-21
 */
public class LoginAuthorityFiliter extends OncePerRequestFilter {

	/**
	 * Description 
	 * @author lidongwei
	 * @since 2012-9-21 下午3:42:05
	 * @see TODOsome class
	 */
	@Override
	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
			throws ServletException, IOException {
        String uri = request.getRequestURI();
        if(-1==uri.indexOf("login")){//不是login
        	// 从session中获取登录者实体  
        	QiangbaAdmin obj = (QiangbaAdmin)request.getSession().getAttribute("loginedUser");
            if(null==obj){
            	//如果session中不存在登陆者实体，则进入登录页面
            	request.getRequestDispatcher("/login/index.do").forward(request, response);
            }else{
            	String type= obj.getType();
            	
        		if(!(-1==uri.indexOf("account"))){
        			if(!type.equals("2")){
        			request.getSession().removeAttribute("loginedUser");
        			//如果不是管理员账户但是想要访问账号管理，那么直接跳转到login页面，并清空session,让你乱闯，开心了吧！！！哈哈哈啊哈哈哈
        			request.getRequestDispatcher("/login/index.do").forward(request, response);
        			}else {
        			filterChain.doFilter(request, response); 
        			}
        		}else{
        			filterChain.doFilter(request, response); 
        		}
            }
        }else{
            	filterChain.doFilter(request, response); 
        }
	}

}
